August 11, 2020

Adobe Are you bored sitting at home in Covid Quarantine? We 19 1 1 0 1 have a little excitement for you this month with two zero Bulletin Critical Important User Targeted day releases from Microsoft. These vulnerabilities impact all New Bulletins Windows Operating System versions going back to Windows Apple 18 1 1 0 1 7 and Server 2008, and also Internet Explorer 11 across all Bulletin Critical Important User Targeted supported OSs. This release also includes the resolution of Critical Windows Print Spooler Elevation of Privilege vulnerability Microsoft (CVE-2020-1337) that made recent headlines. Adobe 16 17 16 1 14 Acrobat, Reader and Apple iCloud also have critical updates Bulletins Critical Important User Targeted User Targeted resolving 26 and 20 CVEs respectively.

Privilege Management CVE Vendor Ivanti Threat User Mitigates Bulletins Count Impact Severity Priority Risk Notes Targeted Impact

Adobe APSB20-48 Code Execution Critical Acrobat and Reader 26 1

Apple ICLOUD-200811 Code Execution Critical iCloud for Windows 11.3 20 1

MS20-08-IE Microsoft Remote Code Exploited: Internet Explorer 9 Critical 3 Execution 1 CVE-2020-1380 and 11

MS20-08-MR2K8-ESU Exploited and Remote Code Server 2008 and Critical Disclosed: 33 Execution 1 IE 9 - Extended Security CVE-2020-1464

MS20-08-MR2K8R2- Exploited: CVE-2020-1380 ESU Remote Code Critical Exploited and Server 2008 R2 + 56 Execution 1 Disclosed: IE - Extended Security CVE-2020-1464

Exploited: MS20-08-MR7-ESU CVE-2020-1380 Remote Code Windows 7 + IE - Critical Exploited and 56 Execution 1 Extended Secuity Disclosed: CVE-2020-1464

Exploited: CVE-2020-1380 MS20-08-MR8 Remote Code Critical Exploited and Server 2012 and IE 43 Execution 1 Disclosed: CVE-2020-1464

Exploited: MS20-08-MR81 CVE-2020-1380 Remote Code Windows 8.1, Server Critical Exploited and 61 Execution 1 2012 R2 and IE Disclosed: CVE-2020-1464

MS20-08-MRNET Remote Code Critical .NET Framework 2.0-4.8 2 Execution 1

MS20-08-OFF Access 2010-2016, Excel 2010-2016, Office Remote Code 2010-2016, Outlook Critical 13 Execution 1 2010-2016, Word 2010-2016, Office 2016 and 2019 for macOS

MS20-08-O365 Remote Code Microsoft 365 Apps, Critical 13 Execution 1 Office 2019

MS20-08-SO2K8-ESU Exploited and Remote Code Server 2008 - Extended Critical Disclosed: 31 Execution 1 Security CVE-2020-1464

MS20-08-SO2K8R2-ESU Exploited and Remote Code Server 2008 R2 - Critical Disclosed: 53 Execution 1 Extended Security CVE-2020-1464

MS20-08-SO7-ESU Exploited and Remote Code Windows 7 - Extended Critical Disclosed: 53 Execution 1 Secuity CVE-2020-1464

Exploited and MS20-08-SO8 Remote Code Critical Disclosed: Server 2012 40 Execution 1 CVE-2020-1464

MS20-08-SO81 Exploited and Remote Code Windows 8.1 and Critical Disclosed: 58 Execution 1 Server 2012 R2 CVE-2020-1464

MS20-08-SONET Remote Code Critical .NET Framework 2.0-4.8 2 Execution 1

MS20-08-SPT Remote Code Sharepoint Server 2010 Important 10 Execution 2 SP2 - 2019

Exploited: MS20-08-W10 CVE-2020-1380 Windows 10, Remote Code 94 Critical 1 Exploited and Server 2016, Server Execution Disclosed: 2019, IE 11, and Edge CVE-2020-1464

For more information visit: ivanti.com/patch-tuesday